Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

iPhone Tracking Issue Not Apple's First Congressional Run-In

Apple is facing hard questions about iOS 4's ability to track users. It's not the first time the company's faced location-based inquiries.

Apple is facing some serious questions about how and why its mobile products collect users' location data. But it's not the first time the company has dealt with interrogation by lawmakers over its practices related to that sort of information.

On April 21, U.S. Rep. Edward Markey (D-Mass.) and Senator Al Franken (D-Minn.) fired off letters to Apple CEO Steve Jobs, asking for clarification on news that the iPhone and 3G-enabled iPad running iOS 4 have been saving location data to a hidden database file.

Apple has not yet officially responded, but it's not the first time the Cupertino, Calif.-based tech giant has run smack into lawmakers' inquiries about its location data. In June 2010, Edward Markey, along with U.S. Rep. Joe L. Barton (R-Texas) sent Apple a letter demanding information on its practice of collecting, storing and sharing the location of users' mobile devices.

The congressmen were apparently motivated by a change in Apple's iTunes privacy policy, which had been revised to allow the sharing of location data with application providers-if customers opted in to the providers' location services.

Further reading

Apple responded at the time that, while its mobile devices and Mac computers did collect location information, they did so anonymously in batches, before encrypting and sending it to Apple's servers every 12 hours.

In recent days, reports have emerged suggesting that smartphones running Android have been transmitting location data to Google. Security analyst Samy Kamkar, in research quoted in The Wall Street Journal April 22, suggested that the information uploaded by Android devices was free of personal data.

The current focus on iOS 4 started after researchers Alasdair Allan wrote a long April 20 posting about the mobile operating system's supposed location-sniffing abilities on the O'Reilly Radar blog. Working with co-researcher Pete Warden, Allan released an open-source iPhone Tracker application that plots the consolidated information on a map.

"The database of your locations is stored on your iPhone as well as in any of the automatic backups that are made when you sync it with iTunes," Allan wrote as part of a FAQ about removing the data. "One thing that will help is choosing encrypted backups, since that will prevent other users or programs on your machine from viewing the data, but there will still be a copy on your device."

The location data saved by iOS 4 apparently contains information gleaned from cell towers and the names of WiFi access points, and not actual data on the tablet or smartphone. In theory, at least, anyone who manages to seize the user's iOS device and its syncing PC will have access to the unlocked database file and roughly a year's worth of consolidated location data.

"The existence of this information stored in an unencrypted format raises serious privacy concerns," read Franken's April 21 letter to Jobs. "The researchers who uncovered this file speculated that it generated location based on cell phone triangulation technology. If that is indeed the case, the location available in this file is likely accurate to 50 meters or less."

In turn, he wrote, that raises the possibility of some very negative consequences: "It is also entirely conceivable that malicious persons may create viruses to access this data from customers' iPhones, iPads and desktop and laptop computers ... There are numerous ways in which this information could be abused by criminals and bad actors."

Other popular online services, including Twitter and Foursquare, also leverage location data.